The California Consumer Privacy Act (CCPA) takes effect on January 1, 2020. The legislation is approved so there is no oops, the dog ate my homework on this one.
Your organization is likely impacted if you are retaining data for California residents - even if you don’t have a physical business presence in California, or don’t primarily focus on California residents.
Stop and think about that for a minute:
- Do you have data on California residents in your IT landscape?
- What type of data is retained for California residents?
- Where is the data retained? Where is the data propagated to other systems?
Moreover, California is the first State to enact this form of privacy legislation. We expect more States to implement similar legislation by 2021.
Now is the time to get your IT organization ready for ongoing waves of requests:
- Be able to efficiently respond to show what data is retained for a California resident.
- Be able to confidently delete agreed-upon data for a California resident.
So, how do you create a lifeboat for your organization?
First, your organization needs to know where data is retained and propagated in your IT landscape. Think of it as a blueprint, a map, or a Data Catalog. Your organization will need this to efficiently respond to a request from a California resident. Not if you receive a request, but when.
The Data Catalog: try this simple recipe for success
Second, your organization needs to build processes to remove agreed-upon data when you receive a request from a California resident. Again, not if you receive a request, but when.
Third, your organization needs to maintain the Data Catalog so it accurately represents the evolving IT landscape. This is not a one and done initiative. Your organization needs a sustainable approach that crowdsources the capture of ongoing changes to your IT landscape.
The CCPA undersea quake hits on January 1, 2020. Then the waves start crashing in from the tsunami. Be ready.
Easily build and maintain blueprints for IT.
Then achieve better outcomes by using that same information to solve common IT challenges, mitigate risk, and reduce incidents.